<?php
include("../dbInfo.php");
$email = $_POST["email"];

$user = mysql_query("SELECT * FROM `accounts` WHERE `email` = '$email'") or die(mysql_error());
if(mysql_num_rows($user) > 0) {
	$alphaNum = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
	
	for($i = 0; $i < 6; $i++) {
		$token .= $alphaNum{rand(0, strlen($alphaNum)-1)};
	}
	
	$tempPass = substr(md5($token), 0, 10);
		
	$header = "From: All-Star Arena <noreply@allstararena.com>";
	
	$message = "This message was sent in response to your password recovery request. \r\n";
	$message.="Your new temporary password is shown below: \r\n";
	$message.="Temporary password: $tempPass \r\n";
	$message.="You may change this password after loging in. \r\n";
	$message.="LazySwim Team \r\n";
	$message.="http://www.lazyswim.com \r\n";
	$message.="This is an automated message, please do not reply to this email.";
		
	$to = $email;
	$subject = "LazySwim reset password";
	$headers = "From: noreply@LazySwim.com";

	if(mail($to, $subject, $message, $headers)) {
		$tempPass = sha1($tempPass);
		$change = mysql_query("UPDATE `accounts` SET `password` = '$tempPass' WHERE `email` = '$email'") or die(mysql_error());
		$msg = "<p align='center' style='background: #C3FDB8; border: 1px solid #00FF00; padding: 20px 0px;'>Temporary password has been sent to your email.</p>";
	}
	else {
		$msg = "<p align='center' style='background: #FAAFBE; border: 1px solid #FF0000; padding: 20px 0px;'>Could not send temporary password to email.</p>";
	}
}
else {
	$msg = "<p align='center' style='background: #FAAFBE; border: 1px solid #FF0000; padding: 20px 0px;'>Email is not registered.</p>";
}
echo $msg;
?>